Fake Madden NFL 12 Android App Crushes Your Security

Below:

Next story in Security

With the Super Bowl Sunday rapidly approaching, online crooks are
suiting up and hitting the field to make some quick cash off
football fanatics, and especially fans of the Madden video game
franchise.

Researchers at Symantec detected a fake version of Madden NFL 12
for Android spreading around the Web. The app spoofs the cover of
the real Electronic Arts (EA) app, but those who download it are
met with a crushing blow; there is no game.

That's not the bad part. The
malicious smartphone app drops a Trojan on users' devices
that automatically sends unauthorized text messages to
premium-rate numbers in Belgium, Switzerland,Sierra Leone and
Romania, among other far-off destinations, running up the
victims' phone bills without their knowledge. Symantec identified
the Trojan as a variant of the Foncy Trojan family, a known
offender.

Once the app is off and running, "it has full control of
the device," Symantec said in a
blog post, and is able to root the phone, meaning it can
attain administrative access to the phone or even completely wipe
the phone's operating system.

The hard-hitting action doesn't stop there: The Trojan hiding in
the malicious Madden app, in addition to running up victims'
phone bills, (and blocking them from seeing that there phone has
sent any of these premium-rate texts) alsoattempts to connect to
a remote server, which can then feed it more nasty commands to
execute.

To protect yourself from nasty Trojans like this one, make sure
you only download appsfrom Android's official App Market, and
read the user reviews and comments before doing so. Also, make
sure you run anti-virus
software on your smartphone, which can help tackle Trojans
before you get hurt.